Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

+

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

−

We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa

+

We have a mailing list at: https://lists.owasp.org/mailman/listinfo/owasp-tampa

−

If you have any questions about the Tampa chapter, please send an email to the chapter leader [http://scr.im/mascasa Justin Morehouse].

+

If you have any questions about the Tampa chapter, please send an email to the chapter leader [http://scr.im/mascasa Justin Morehouse].

−

The Tampa chapter is sponsored by [http://www.stratumsecurity.com http://www.owasp.org/images/5/59/StratumSecurityTampaOWASP.png]

+

The Tampa chapter is sponsored by [http://www.guidepointsecurity.com GuidePoint Security].

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Line 17:

Line 17:

== Next Meeting ==

== Next Meeting ==

−

Our next meeting will be held in Q3 of 2011 and will most likely occur in September. We are awaiting the results of the OWASP Tampa Day 2011 attendee survey to determine the best location and day/time for the meeting. Make sure you check back here often and join the mailing list for updates.

+

Our next meeting will be held on Wednesday, September 26 from 6 PM to 8 PM. We will be having two technical talks. For the first talk, Richard Newman will be presenting 'Taming B.E.A.S.T.' Ken Gehrke will be providing the second presentation which will be a hands-on workshop covering tools contained within the latest version of Backtrack. Their bios abstracts are below:

−

== Meeting Location ==

+

−

We meet quarterly at the [http://www.kforce.com Kforce] building in Ybor. The address is:

+

'''Richard Newman - Taming the B.E.A.S.T'''

+

Curious about the exploit which allows for the clear text recovery of encrypted web traffic? Stay tuned. In this presentation the Browser Exploit Against SSL / TLS will be demystified and explained.

+

+

''Richard is a senior information security engineer with a large local retailer, has 23 years experience within IT and recently 8 years in Information Security. He focusses on computer forensics, network security, vulnerability analysis, network and application penetration testing.''

+

+

+

'''Ken Gehrke - Tool Talk - Application Security'''

+

The presentation will include a brief powerpoint of general web application security concepts and discussion about some common tools within Backtrack 5 R3 and other application security tools such as BurpSuite and Netsparker. The presentation will then be driven into a live demonstration of some general web application penetration testing techniques against DVWA and NOWASP (Mutillidae) hosted on the Metasploitable 2 VM platform.

+

+

-= No wifi or network access will be required as the pen test lab is contained within VM =-

+

+

''Ken Gehrke is a 12 year veteran of information security and has covered a large spectrum of security operations, audit and penetration testing over the course of his career. Ken is currently working as a private consultant and has a background working in big 4, telecommunications and health care organizations. His specialty is web application security and web application penetration testing.''

+

+

+

The following is an agenda for our next meeting:

+

<UL>

+

<LI>5:45 PM to 6:00 PM - Check-in

+

<LI>6:00 PM to 6:45 PM - First Presentation

+

<LI>6:45 PM to 7:00 PM - Break

+

<LI>7:00 PM to 7:45 PM - Second Presentation

+

<LI>7:45 PM to 8:00 PM - Open Discussion Forum

+

</UL>

+

+

Please RSVP to [http://scr.im/mascasa Justin Morehouse] BEFORE 9/25 to be added to the security list.

+

+

== Meeting Location ==

+

+

Our next meeting will be held in Q3, most likely in Septemeber, at the [http://www.kforce.com Kforce] building in Ybor. The address is:

Revision as of 12:58, 12 September 2012

Welcome to the OWASP Tampa Local Chapter

<paypal>Tampa</paypal>

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Next Meeting

Our next meeting will be held on Wednesday, September 26 from 6 PM to 8 PM. We will be having two technical talks. For the first talk, Richard Newman will be presenting 'Taming B.E.A.S.T.' Ken Gehrke will be providing the second presentation which will be a hands-on workshop covering tools contained within the latest version of Backtrack. Their bios abstracts are below:

Richard Newman - Taming the B.E.A.S.T
Curious about the exploit which allows for the clear text recovery of encrypted web traffic? Stay tuned. In this presentation the Browser Exploit Against SSL / TLS will be demystified and explained.

Richard is a senior information security engineer with a large local retailer, has 23 years experience within IT and recently 8 years in Information Security. He focusses on computer forensics, network security, vulnerability analysis, network and application penetration testing.

Ken Gehrke - Tool Talk - Application Security
The presentation will include a brief powerpoint of general web application security concepts and discussion about some common tools within Backtrack 5 R3 and other application security tools such as BurpSuite and Netsparker. The presentation will then be driven into a live demonstration of some general web application penetration testing techniques against DVWA and NOWASP (Mutillidae) hosted on the Metasploitable 2 VM platform.

-= No wifi or network access will be required as the pen test lab is contained within VM =-

Ken Gehrke is a 12 year veteran of information security and has covered a large spectrum of security operations, audit and penetration testing over the course of his career. Ken is currently working as a private consultant and has a background working in big 4, telecommunications and health care organizations. His specialty is web application security and web application penetration testing.